PT-2024-26332 · Ibm · Ibm Security Access Manager
Published
2024-06-28
·
Updated
2024-08-01
·
CVE-2024-35139
CVSS v3.1
6.2
Medium
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Security Access Manager Docker versions 10.0.0.0 through 10.0.7.1
Description
The issue allows a local user to obtain sensitive information from the container due to incorrect default permissions.
Recommendations
For versions 10.0.0.0 through 10.0.7.1, update the permissions to the correct settings to prevent unauthorized access to sensitive information.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Incorrect Default Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Security Access Manager